Merge branch 'main' into Update-comprehend-detection-filters

pkg/types/properties.go

@@ -85,6 +85,21 @@ func (p Properties) SetTagWithPrefix(prefix string, tagKey *string, tagValue int
 	return p.Set(keyStr, tagValue)
 }
 
+func (p Properties) SetPropertyWithPrefix(prefix string, propertyKey string, propertyValue interface{}) Properties {
+	keyStr := strings.TrimSpace(propertyKey)
+	prefix = strings.TrimSpace(prefix)
+
+	if keyStr == "" {
+		return p
+	}
+
+	if prefix != "" {
+		keyStr = fmt.Sprintf("%s:%s", prefix, keyStr)
+	}
+
+	return p.Set(keyStr, propertyValue)
+}
+
 func (p Properties) Get(key string) string {
 	value, ok := p[key]
 	if !ok {

pkg/types/properties_test.go

@@ -161,3 +161,41 @@ func TestPropertiesSetTagWithPrefix(t *testing.T) {
 		})
 	}
 }
+
+func TestPropertiesSetPropertiesWithPrefix(t *testing.T) {
+	cases := []struct {
+		name   string
+		prefix string
+		key    string
+		value  interface{}
+		want   string
+	}{
+		{
+			name:   "empty",
+			prefix: "",
+			key:    "OwnerID",
+			value:  aws.String("123456789012"),
+			want:   `[OwnerID: "123456789012"]`,
+		},
+		{
+			name:   "nonempty",
+			prefix: "igw",
+			key:    "OwnerID",
+			value:  aws.String("123456789012"),
+			want:   `[igw:OwnerID: "123456789012"]`,
+		},
+	}
+
+	for _, tc := range cases {
+		t.Run(tc.name, func(t *testing.T) {
+			p := types.NewProperties()
+
+			p.SetPropertyWithPrefix(tc.prefix, tc.key, tc.value)
+			have := p.String()
+
+			if tc.want != have {
+				t.Errorf("'%s' != '%s'", tc.want, have)
+			}
+		})
+	}
+}

resources/apprunner-connection.go

@@ -0,0 +1,62 @@
+package resources
+
+import (
+	"github.com/aws/aws-sdk-go/aws/session"
+	"github.com/aws/aws-sdk-go/service/apprunner"
+	"github.com/rebuy-de/aws-nuke/v2/pkg/types"
+)
+
+type AppRunnerConnection struct {
+	svc            *apprunner.AppRunner
+	ConnectionArn  *string
+	ConnectionName *string
+}
+
+func init() {
+	register("AppRunnerConnection", ListAppRunnerConnections)
+}
+
+func ListAppRunnerConnections(sess *session.Session) ([]Resource, error) {
+	svc := apprunner.New(sess)
+	resources := []Resource{}
+
+	params := &apprunner.ListConnectionsInput{}
+
+	for {
+		resp, err := svc.ListConnections(params)
+		if err != nil {
+			return nil, err
+		}
+
+		for _, item := range resp.ConnectionSummaryList {
+			resources = append(resources, &AppRunnerConnection{
+				svc:            svc,
+				ConnectionArn:  item.ConnectionArn,
+				ConnectionName: item.ConnectionName,
+			})
+		}
+
+		if resp.NextToken == nil {
+			break
+		}
+
+		params.NextToken = resp.NextToken
+	}
+
+	return resources, nil
+}
+
+func (f *AppRunnerConnection) Remove() error {
+	_, err := f.svc.DeleteConnection(&apprunner.DeleteConnectionInput{
+		ConnectionArn: f.ConnectionArn,
+	})
+
+	return err
+}
+
+func (f *AppRunnerConnection) Properties() types.Properties {
+	properties := types.NewProperties()
+	properties.Set("ConnectionArn", f.ConnectionArn)
+	properties.Set("ConnectionName", f.ConnectionName)
+	return properties
+}

resources/apprunner-service.go

@@ -0,0 +1,65 @@
+package resources
+
+import (
+	"github.com/aws/aws-sdk-go/aws/session"
+	"github.com/aws/aws-sdk-go/service/apprunner"
+	"github.com/rebuy-de/aws-nuke/v2/pkg/types"
+)
+
+type AppRunnerService struct {
+	svc         *apprunner.AppRunner
+	ServiceArn  *string
+	ServiceId   *string
+	ServiceName *string
+}
+
+func init() {
+	register("AppRunnerService", ListAppRunnerServices)
+}
+
+func ListAppRunnerServices(sess *session.Session) ([]Resource, error) {
+	svc := apprunner.New(sess)
+	resources := []Resource{}
+
+	params := &apprunner.ListServicesInput{}
+
+	for {
+		resp, err := svc.ListServices(params)
+		if err != nil {
+			return nil, err
+		}
+
+		for _, item := range resp.ServiceSummaryList {
+			resources = append(resources, &AppRunnerService{
+				svc:         svc,
+				ServiceArn:  item.ServiceArn,
+				ServiceId:   item.ServiceId,
+				ServiceName: item.ServiceName,
+			})
+		}
+
+		if resp.NextToken == nil {
+			break
+		}
+
+		params.NextToken = resp.NextToken
+	}
+
+	return resources, nil
+}
+
+func (f *AppRunnerService) Remove() error {
+	_, err := f.svc.DeleteService(&apprunner.DeleteServiceInput{
+		ServiceArn: f.ServiceArn,
+	})
+
+	return err
+}
+
+func (f *AppRunnerService) Properties() types.Properties {
+	properties := types.NewProperties()
+	properties.Set("ServiceArn", f.ServiceArn)
+	properties.Set("ServiceId", f.ServiceId)
+	properties.Set("ServiceName", f.ServiceName)
+	return properties
+}

resources/ec2-dhcp-options.go

@@ -11,6 +11,7 @@ type EC2DHCPOption struct {
 	id         *string
 	tags       []*ec2.Tag
 	defaultVPC bool
+	ownerID    *string
 }
 
 func init() {
@@ -37,6 +38,7 @@ func ListEC2DHCPOptions(sess *session.Session) ([]Resource, error) {
 			id:         out.DhcpOptionsId,
 			tags:       out.Tags,
 			defaultVPC: defVpcDhcpOptsId == *out.DhcpOptionsId,
+			ownerID:    out.OwnerId,
 		})
 	}
 
@@ -62,6 +64,7 @@ func (e *EC2DHCPOption) Properties() types.Properties {
 		properties.SetTag(tagValue.Key, tagValue.Value)
 	}
 	properties.Set("DefaultVPC", e.defaultVPC)
+	properties.Set("OwnerID", e.ownerID)
 	return properties
 }
 

resources/ec2-internet-gateway-attachments.go

@@ -12,8 +12,10 @@ import (
 type EC2InternetGatewayAttachment struct {
 	svc        *ec2.EC2
 	vpcId      *string
+	vpcOwnerID *string
 	vpcTags    []*ec2.Tag
 	igwId      *string
+	igwOwnerID *string
 	igwTags    []*ec2.Tag
 	defaultVPC bool
 }
@@ -50,8 +52,10 @@ func ListEC2InternetGatewayAttachments(sess *session.Session) ([]Resource, error
 			resources = append(resources, &EC2InternetGatewayAttachment{
 				svc:        svc,
 				vpcId:      vpc.VpcId,
+				vpcOwnerID: vpc.OwnerId,
 				vpcTags:    vpc.Tags,
 				igwId:      igw.InternetGatewayId,
+				igwOwnerID: igw.OwnerId,
 				igwTags:    igw.Tags,
 				defaultVPC: *vpc.IsDefault,
 			})
@@ -84,6 +88,8 @@ func (e *EC2InternetGatewayAttachment) Properties() types.Properties {
 		properties.SetTagWithPrefix("vpc", tagValue.Key, tagValue.Value)
 	}
 	properties.Set("DefaultVPC", e.defaultVPC)
+	properties.SetPropertyWithPrefix("vpc", "OwnerID", e.vpcOwnerID)
+	properties.SetPropertyWithPrefix("igw", "OwnerID", e.igwOwnerID)
 	return properties
 }
 

resources/ec2-route-tables.go

@@ -12,6 +12,7 @@ type EC2RouteTable struct {
 	svc        *ec2.EC2
 	routeTable *ec2.RouteTable
 	defaultVPC bool
+	ownerID    *string
 }
 
 func init() {
@@ -37,6 +38,7 @@ func ListEC2RouteTables(sess *session.Session) ([]Resource, error) {
 			svc:        svc,
 			routeTable: out,
 			defaultVPC: defVpcId == *out.VpcId,
+			ownerID:    out.OwnerId,
 		})
 	}
 
@@ -72,6 +74,7 @@ func (e *EC2RouteTable) Properties() types.Properties {
 		properties.SetTag(tagValue.Key, tagValue.Value)
 	}
 	properties.Set("DefaultVPC", e.defaultVPC)
+	properties.Set("OwnerID", e.ownerID)
 	return properties
 }
 

resources/firehose-deliverystreams.go

@@ -4,11 +4,13 @@ import (
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/session"
 	"github.com/aws/aws-sdk-go/service/firehose"
+	"github.com/rebuy-de/aws-nuke/v2/pkg/types"
 )
 
 type FirehoseDeliveryStream struct {
 	svc                *firehose.Firehose
 	deliveryStreamName *string
+	tags               []*firehose.Tag
 }
 
 func init() {
@@ -18,6 +20,7 @@ func init() {
 func ListFirehoseDeliveryStreams(sess *session.Session) ([]Resource, error) {
 	svc := firehose.New(sess)
 	resources := []Resource{}
+	tags := []*firehose.Tag{}
 	var lastDeliveryStreamName *string
 
 	params := &firehose.ListDeliveryStreamsInput{
@@ -31,14 +34,35 @@ func ListFirehoseDeliveryStreams(sess *session.Session) ([]Resource, error) {
 		}
 
 		for _, deliveryStreamName := range output.DeliveryStreamNames {
+			tagParams := &firehose.ListTagsForDeliveryStreamInput{
+				DeliveryStreamName: deliveryStreamName,
+				Limit:              aws.Int64(50),
+			}
+
+			for {
+				tagResp, tagErr := svc.ListTagsForDeliveryStream(tagParams)
+				if tagErr != nil {
+					return nil, tagErr
+				}
+
+				tags = append(tags, tagResp.Tags...)
+				if !*tagResp.HasMoreTags {
+					break
+				}
+
+				tagParams.ExclusiveStartTagKey = tagResp.Tags[len(tagResp.Tags)-1].Key
+			}
+
 			resources = append(resources, &FirehoseDeliveryStream{
 				svc:                svc,
 				deliveryStreamName: deliveryStreamName,
+				tags:               tags,
 			})
+
 			lastDeliveryStreamName = deliveryStreamName
 		}
 
-		if *output.HasMoreDeliveryStreams == false {
+		if !*output.HasMoreDeliveryStreams {
 			break
 		}
 
@@ -60,3 +84,13 @@ func (f *FirehoseDeliveryStream) Remove() error {
 func (f *FirehoseDeliveryStream) String() string {
 	return *f.deliveryStreamName
 }
+
+func (f *FirehoseDeliveryStream) Properties() types.Properties {
+	properties := types.NewProperties()
+	for _, tag := range f.tags {
+		properties.SetTag(tag.Key, tag.Value)
+	}
+
+	properties.Set("Name", f.deliveryStreamName)
+	return properties
+}

resources/iam-instance-profile-roles.go

@@ -74,7 +74,7 @@ func (e *IAMInstanceProfileRole) Remove() error {
 }
 
 func (e *IAMInstanceProfileRole) String() string {
-	return fmt.Sprintf("%s -> %s", *e.profile.InstanceProfileName, e.role)
+	return fmt.Sprintf("%s -> %s", *e.profile.InstanceProfileName, *e.role.RoleName)
 }
 
 func (e *IAMInstanceProfileRole) Properties() types.Properties {

resources/memorydb-acl.go

@@ -1,6 +1,8 @@
 package resources
 
 import (
+	"fmt"
+
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/session"
 	"github.com/aws/aws-sdk-go/service/memorydb"
@@ -55,6 +57,14 @@ func ListMemoryDBACLs(sess *session.Session) ([]Resource, error) {
 	return resources, nil
 }
 
+func (i *MemoryDBACL) Filter() error {
+	if *i.name == "open-access" {
+		return fmt.Errorf("open-access ACL can't be deleted")
+	} else {
+		return nil
+	}
+}
+
 func (i *MemoryDBACL) Remove() error {
 	params := &memorydb.DeleteACLInput{
 		ACLName: i.name,